Use Cloudflare SSL certificate for wildcard subdomains

Hi all,

I’m hosting a webapp on Heroku (if that matters), and I’ve created a wildcard subdomain. I’d like every subdomain to be SSL enabled/secured. To that end, I’ve created an Origin Server certificate on Cloudflare and have created the SSL setting son Heroku using the public/private keys I was provided. Unfortunately, it’s still not working and I’m not sure why. I’m getting the NET::ERR_CERT_AUTHORITY_INVALID error.

To clarify - domain DNS is managed through Cloudflare. I have a wildcare CNAME setting pointing to Heroku and I want to SSL encrypt every subdomain (it’ll likely be hundreds of subdomains, one for every user of our app).

Thanks!

That won’t work, as you won’t be able to proxy such a record. You’d need an Enterprise plan for that.

You need to create the hostnames individually and make sure they are proxied. As long as you have a proxied record, your setup appears to be sound. Just make sure your encryption mode is Full Strict, otherwise all the security goes out the window.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.